chib.jpg

Is DLL Packer Anti Debug Anti VM Signed XOR AntiVirus 51/70 Related 2600
File details Download PDF Report
File type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
File size: 333.00 KB (340992 bytes)
Compile time: 2019-09-17 23:53:39
MD5: ceba49d659e272dcf60a9ace17f6c521
SHA1: c77a3250a782cc98990652b08d898375e8825428
SHA256: ef5d38b465700cab9fcea6e11e8bcd98361257e62469c533aece6de36ac16178
Import hash: f34d5f2d4577ed6d9ceec516c1f5a744
Sections 3 .text .rsrc .reloc
Directories 3 import resource relocation
First submission: 2019-10-21 03:36:04
Last submission: 2019-10-21 04:33:04
Filename detected: - chib.jpg (2)
- chibu.jpg (2)
- chibu.exe (2)
URL file hosting
hXXp://[www].gessuae.ae/wp-includes/fonts/chib.jpgVirusTotal
hXXp://[www].gessuae.ae/wp-includes/fonts/chibu.jpgVirusTotal
hXXp://gessuae.ae/wp-includes/fonts/chibu.exeVirusTotal
hXXp://[www].gessuae.ae/wp-includes/fonts/chibu.exeVirusTotal
hXXp://gessuae.ae/wp-includes/fonts/chibu.jpgVirusTotal
hXXp://gessuae.ae/wp-includes/fonts/chib.jpgVirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
2019-10-17 16:00:04 [51/70] VirusTotal
PE Sections 1 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x2000 0x52964 338432 833b71855a442b4989e288ae0041a6b7 a6a0ec32ddbc907bcd949fcd43d8b449d1510f8c
.rsrc 0x56000 0x5a0 1536 e7c181245c92d758f6dd846677c941a6 aff43605327b33e8ee0759bce36da422c94ad19d
.reloc 0x58000 0xc 512 f1f826cf4bcfa0026419959f200ffeb9 1eddc258c1d8309f926a2a2b10d5a1bfe7e12e27
Meta Info
No Meta found in this file
XOR
No XOR informations found in this file.
Signature
This file isn't digitally signed
Packer(s)
Microsoft Visual C# / Basic .NET
Microsoft Visual Studio .NET
.NET executable
Microsoft Visual C# v7.0 / Basic .NET
File found
FIle type: XML
System.Xml
FIle type: Library
IELibrary.dll
USER32.dll
psapi.dll
vaultcli.dll
KERNEL32.dll
mscoree.dll
SHELL32.dll
SHLWAPI.dll
ADVAPI32.dll
IP Found
No IP detected
URL(s)
No URL found

#infosec #automation

TheSystem Itself @ 2019-10-21 03:36:04